Security Advisory

SolarWinds Product Security Update Advisory

  • Feb 04 2026
SolarWinds Product Security Update Advisory

Overview

 

SolarWinds has released security updates to fix vulnerabilities in SolarWinds products. Users of affected products are advised to update to the latest version.
 

 

Affected Products

 

CVE-2025-40536, CVE-2025-40537, CVE-2025-40551, CVE-2025-40552, CVE-2025-40553, CVE-2025-40554

 

SolarWinds Web Help Desk version: 12.8.8 HF1 and earlier

 

 

Resolved Vulnerabilities

 

Security control bypass vulnerability in SolarWinds Web Help Desk (CVE-2025-40536)
Hardcoded credential vulnerability in SolarWinds Web Help Desk (CVE-2025-40537)
Remote code execution vulnerability due to untrusted data deserialization in SolarWinds Web Help Desk (CVE-2025-40551)
Authentication bypass vulnerability in SolarWinds Web Help Desk (CVE-2025-40552)
Remote code execution vulnerability due to untrusted data deserialization in SolarWinds Web Help Desk (CVE-2025-40553)
Authentication Bypass Vulnerability in SolarWinds Web Help Desk (CVE-2025-40554)

 

 

Vulnerability Patches

Vulnerability patches have been made available in the latest updates. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

 

CVE-2025-40536, CVE-2025-40537, CVE-2025-40551, CVE-2025-40552, CVE-2025-40553, CVE-2025-40554

 

SolarWinds Web Help Desk version: 2026.1

 

 

References

 

[1] SolarWinds Web Help Desk Security Control Bypass Vulnerability (CVE-2025-40536)
https://www.solarwinds.com/trust-center/security-advisories/cve-2025-40536
[2] SolarWinds Web Help Desk Hardcoded Credentials Vulnerability (CVE-2025-40537)
https://www.solarwinds.com/trust-center/security-advisories/cve-2025-40537
[3] SolarWinds Web Help Desk Deserialization of Untrusted Data Remote Code Execution Vulnerability (CVE-2025-40551)
https://www.solarwinds.com/trust-center/security-advisories/cve-2025-40551
[4] SolarWinds Web Help Desk Authentication Bypass Vulnerability (CVE-2025-40552)
https://www.solarwinds.com/trust-center/security-advisories/cve-2025-40552
[5] SolarWinds Web Help Desk Deserialization of Untrusted Data Remote Code Execution Vulnerability (CVE-2025-40553)
https://www.solarwinds.com/trust-center/security-advisories/cve-2025-40553
[6] SolarWinds Web Help Desk Authentication Bypass Vulnerability (CVE-2025-40554)
https://www.solarwinds.com/trust-center/security-advisories/cve-2025-40554

Tags:
Previous Post

Next Post